The following data protection declaration refers to the central web offer of www.uni-kl.de and other official websites of the Technische Universität Kaiserslautern (TUK), its organs and institutions. For contents of other providers, to which reference is made, for example, via links, other conditions than those described in this data protection declaration may apply.
II. Contact details of the controller
Responsible for the processing of your personal data is
TU Kaiserslautern (TUK)
represented by the President
Prof. Dr. Arnd Poetzsch-Heffter
Gottlieb-Daimler-Strasse, Building 47
Tel.: +49 631 205 0
III. Contact details of the data protection officer
You can reach our data protection officer by phone +49 631 205-4434 or by email: datenschutz(at)uni-kl.de
The postal address is:
IV. Web Analysis
The TUK uses the open source software tool Matomo on its websites for statistical evaluation of the accesses, for error detection and to be able to improve its websites continuously. The following data is stored for this purpose:
- anonymized IP address of the calling system
- date and time of access
- web page or file accessed
- HTTP status code
- referencing website
- subpages to which the user is directed from the accessed page
- frequency the page is accessed
- web browser used and operating system
This data is only stored on TUK servers. The data is not passed on to third parties. Due to the anonymization of IP addresses, it is no longer possible to assign them to the calling computer.
The data is deleted as soon as it is no longer required for the analyses.
The software sets a cookie for seven days on the user's computer in order to recognise returning visitors.
The legal basis for the collection and evaluation of this data is Art. 6 para. 1 (e) in conjunction with Art. 6 para. 3 (b) of the General Data Protection Regulation (GDPR) in conjunction with section 3 of the Data Protection Act of the Land of Rhineland-Palatinate (LDSG).
If you do not agree with the storage and evaluation of this data, you can object to its storage and use at any time by mouse click. In this case a so-called opt-out cookie is stored in your browser, which means that Matomo does not collect any session data.
Your objection will only remain effective if you do not delete the Matomo deactivation cookie on your computer. You will have to perform the opt-out again if you use another computer or another web browser.
If you have activated the "Do Not Track" setting in your browser, no opt-out is required.
V. Contact forms and email contact
On the TUK website there are contact forms that can be used for electronic contact. If a user takes advantage of this option, the data entered in the input mask will be transmitted to us and stored. For the processing of the data, your consent is obtained during the submission process and reference is made to this data protection declaration.
Alternatively, it is possible to contact us via the email address provided. In this case, the user's personal data transmitted with the email is stored.
In this context, the data is not shared with third parties.
The legal basis for the processing of the data is Art. 6 para. 1 (a) GDPR, if the user has given his consent.
The legal basis for processing the user´s personal data, acquired as a result of the user sending an email, is Art. 6 para. 1 (f) GDPR. If the email contact aims at the conclusion of a contract, the legal basis for this processing is Art. 6 para. 1 (b) GDPR.
This data is used exclusively for the processing of the conversation. The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected. For the personal data from the input mask of the contact form and those sent by email, this is the case when the respective conversation with the user has ended.
The user has the option to revoke his consent to the processing of personal data at any time. If the user contacts us by email, he can object to the storage of his personal data at any time. In such a case the conversation cannot be continued. You can revoke your consent and object to the storage via the contact form or by email. All personal data stored in the course of the contact will be deleted in this case.
When accessing individual pages, cookies may be used which are required for the functionality of our content management system (e.g. for password-protected pages and forms). Some elements of our website require that the accessing browser can be identified even after a page change.
These technically necessary cookies are not used to create user profiles and are usually deleted after closing the browser.
You can deactivate or restrict the storage of cookies on your system by the settings in your Internet browser. Cookies already stored can be deleted at any time. If cookies for our website are deactivated or deleted, it is possible that not all functions of the website can be fully used.
VII. Provision of the website and creation of log files
Every time our website is accessed and used, data and information are automatically recorded in the log files of our servers. This collection is necessary to ensure proper operation, to detect errors and to identify attacks and malfunctions of our web offer.
The following data is collected during access (access logs):
- date and time of access
- visited website
- referencing website
- browser configuration
The following data is collected in case of an error message (error logs):
- date and time of access
- nature of the error
- URL of the called up web page and, if applicable, the referencing web page
- IP address of the user
- user name in the event of an authentication error for password-protected websites
This data is not stored together with other personal data of the user.
The legal basis for the temporary storage of the data in the log files is Art. 6 para. 1 (e) in conjunction with Art. 6 para. 3 (b) GDPR in conjunction with section 3 LDSG.
The error logs are used exclusively to identify and rectify technical faults.
The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected. If the data is collected for the provision of the website, this is the case when the respective session has ended. If the data is stored in log files, this is the case after seven days.
VIII. General information on data processing
As a matter of principle, we process personal data of our users only to the extent necessary to provide a functional website and our contents and services.
Possible legal basis for processing personal data
The legal basis is Art. 6 para. 1 (a) GDPR, if the data processing of TUK is based on your consent as a data subject.
When processing personal data which is necessary for the performance of a contract to which the data subject is a party, Art. 6 para. 1 (b) GDPR serves as legal basis. This also applies to processing operations which are necessary to carry out pre-contractual measures.
Insofar as processing of personal data is necessary for compliance with a legal obligation to which the TUK is subject, Art. 6 para. 1 sentence 1 (c) in conjunction with Art. 6 para. 3 (b) GDPR in conjunction with section 3 LDSG serves as the legal basis.
In the event that vital interests of the data subject or another natural person require the processing of personal data, Art. 6 para. 1 (d) GDPR serves as the legal basis.
If the processing is necessary for the performance of a task of the TUK which is in the public interest or is carried out in the exercise of official authority, Art. 6 para. 1 (e) in conjunction with Art. 6 para. 3 (b) GDPR in conjunction with section 3 LDSG serves as the legal basis for the processing.
If processing is necessary to safeguarding the legitimate interest of the TUK or a third party and the interests, fundamental rights and freedoms of the data subject do not outweigh the former interest, Art. 6 para. 1 (f) GDPR serves as the legal basis for processing this data; unless the TUK is obliged to perform as a public authority in the processing.
Recipients of personal data
As a matter of principle, your personal data will not be passed on to other bodies or persons, unless required by law.
Duration of storage
The personal data will be stored until the processing is completed. They are deleted immediately when the stated purpose is achieved or the procedure concerned is completed and there is no obligation to archive them. Furthermore, data may be stored if this has been provided for by the European or national legislator in EU ordinances, laws or other regulations to which the controller is subject. Data will also be blocked or deleted if a storage period prescribed by the aforementioned standards expires.
IX. Rights of the data subject
According to the GDPR, every person affected by data processing has the following rights in particular:
- The right to obtain information about the personal data stored and its processing (Art. 15 GDPR).
- The right to rectification if the personal data processed is incorrect or incomplete (Art. 16 GDPR).
- The right to request erasure of the personal data, if one of the conditions according to Art. 17 GDPR applies. However, the right to erasure under Art. 17 para. 1 and 2 GDPR does not exist, inter alia, if the processing of personal data is necessary for the performance of a task carried out in the public interest or in the exercise of official authority (Art. 17 para 3 (b) GDPR).
- The right to restrict processing, in particular where the accuracy of the data is disputed, for the duration of the verification of its accuracy, if the data are processed unlawfully but the data subject requests that the processing be restricted instead of deleted, if the data subject needs the data in order to assert or exercise legal claims or to defend himself against such claims and the data cannot therefore be deleted, or if, in the event of an objection under Art. 21, it is not yet clear whether the legitimate interests of the controller outweigh those of the data subject (Art. 18 GDPR).
- The right to object to the processing of personal data on personal grounds, unless there is an overriding public interest in processing which overweighs the interests, rights and freedoms of the data subject, or the processing is necessary for the assertion, exercise or defence of legal claims (Art. 21 GDPR).
Right of revocation in case of consent
You have the right to revoke your consent to data processing at any time. The revocation is only effective for the future; i.e., the revocation does not affect the lawfulness of the processing already occurred based on the consent given until the time of revocation.
X. Right of appeal to the supervisory authority
You have the right to complain to the Rhineland-Palatinate State Commissioner for Data Protection and Freedom of Information (Der Landesbeauftragte für den Datenschutz und die Informationsfreiheit Rheinland-Pfalz) if you believe that your personal data is being processed unlawfully by the TUK.
Der Landesbeauftragte für den Datenschutz und die Informationsfreiheit Rheinland-Pfalz
In order to take into account current legal requirements and technical changes, as well as to implement our services and offers in compliance with data protection, we reserve the right to update this data protection declaration regularly. The current status is January 2020.